terraform-ibm-modules
diff --git a/‎.gitignore
Lines changed: 3 additions & 0 deletions b/‎.gitignore
Lines changed: 3 additions & 0 deletions
diff --git a/‎CHANGELOG.md
Lines changed: 134 additions & 0 deletions b/‎CHANGELOG.md
Lines changed: 134 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 110 additions & 28 deletions b/‎README.md
Lines changed: 110 additions & 28 deletions
diff --git a/‎assets/architecture.svg
Lines changed: 1 addition & 0 deletions b/‎assets/architecture.svg
Lines changed: 1 addition & 0 deletions
diff --git a/‎configure_project/data.tf b/‎configure_project/data.tf
diff --git a/‎configure_project/main.tf
Lines changed: 53 additions & 0 deletions b/‎configure_project/main.tf
Lines changed: 53 additions & 0 deletions
diff --git a/‎configure_project/outputs.tf
Lines changed: 4 additions & 0 deletions b/‎configure_project/outputs.tf
Lines changed: 4 additions & 0 deletions
diff --git a/‎configure_project/provider.tf b/‎configure_project/provider.tf
@@ -51,3 +51,6 @@ terraform.rc
 
 # Visual Studio Code
 .vscode/
+
+# venv
+venv/*
@@ -0,0 +1,134 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## 0.3.0
+
+### Added
+
+- Added unit test
+
+### Changed
+
+- Lite plan for COS is not accepted anymore
+
+### Fixed
+
+## 0.2.0
+
+### Added
+
+### Changed
+
+- Replaced custom code to provision a COS instance with https://github.com/terraform-ibm-modules/terraform-ibm-cos/tree/main
+
+### Fixed
+
+- Project URL now redirect to target account
+
+## 0.1.7
+
+### Added
+
+### Changed
+
+### Fixed
+
+- Patch the ML instance in the project configuration if the user deletes and recreated the ML instance
+- Fixed force_account_scope account settings
+
+## 0.1.6
+
+### Added
+
+### Changed
+
+### Fixed
+
+- Changed default plan of optional services to "do not install"
+
+## 0.1.5
+
+### Added
+
+### Changed
+
+### Fixed
+
+- Input plans are now null in Projects UI
+
+## 0.1.4
+
+### Added
+
+### Changed
+
+### Fixed
+
+- Outputs of optional services were arrays, now outputs are string agains
+
+## 0.1.3
+
+### Added
+
+- Restrict resources to the current target account
+
+### Changed
+
+- Watson Conversation, Discover, and Governance are now optional services
+
+### Fixed
+
+## 0.1.2
+
+### Added
+
+- Added dashboard URL for the provisioned services
+- Add Watson project URL
+
+### Changed
+
+### Fixed
+
+## 0.1.1
+
+### Added
+
+- Project creation in Watson
+- User can specify a prefix to use for the resource names
+
+### Changed
+
+### Fixed
+
+- Fixed the plan names
+
+## 0.1.0
+
+### Added
+
+- User is configured in watsonx platform if it is not already configured
+
+### Changed
+
+### Fixed
+
+## 0.0.2
+
+### Added
+
+- New variables to set the plan for each resource
+
+### Changed
+
+### Fixed
+
+## 0.0.1
+
+### Added
+
+- First release
+
+### Changed
+
+### Fixed
@@ -1,5 +1,5 @@
 <!-- Update the title -->
-# Terraform Modules Template Project
+# Watsonx SaaS Deployable Architecture (DA)
 
 <!--
 Update status and "latest release" badges:
@@ -13,8 +13,11 @@ Update status and "latest release" badges:
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 
 <!-- Add a description of module(s) in this repo -->
-TODO: Replace me with description of the module(s) in this repo
-
+The **Watsonx SaaS Deployment Architecture (Watsonx DA)** is designed to automate the deployment and
+configuration of the **IBM watsonx** platform in an IBM Cloud Account.
+The **IBM watsonx** platform is made of several services working together to offer AI capabilities to end users, who can explore them using [IBM watsonx projects](https://dataplatform.cloud.ibm.com/docs/content/wsj/manage-data/manage-projects.html?context=wx&audience=wdp).
+On that purpose, the **Watsonx DA** also
+configures a *starter project* for an IBM Cloud user.
 
 <!-- Below content is automatically populated via pre-commit hook -->
 <!-- BEGIN OVERVIEW HOOK -->
@@ -37,20 +40,28 @@ https://terraform-ibm-modules.github.io/documentation/#/implementation-guideline
 
 
 <!-- This heading should always match the name of the root level module (aka the repo name) -->
-## terraform-ibm-module-template
+## terraform-ibm-watsonx-saas-da
 
-### Usage
+The solution supports the following:
 
-<!--
-Add an example of the use of the module in the following code block.
+- Creating a new resource group, or taking an existing one.
+- Provisioning the services
+  - `Watson Machine Learning`
+  - `Watson Studio`
+  - `Cloud Object Storage`.
+- Configuring the `IBM watsonx profile` and creating a *starter* `IBM watsonx project`
+  for an IBM Cloud user, who becomes the `admin` of the `IBM watsonx project` (`IBM watsonx admin` in the following).
 
-Use real values instead of "var.<var_name>" or other placeholder values
-unless real values don't help users know what to change.
--->
+As result the `IBM watsonx admin` can log into [IBM watsonx](https://dataplatform.cloud.ibm.com/login) in the target account and start experimenting
+with the *starter* project.
 
-```hcl
+Optionally, the solution supports:
 
-```
+- Provisioning of one or more of the services, with a selectable
+  service plan:
+  - `watsonx.governance`
+  - `watsonx Assistant`
+  - `Watson Discovery`.
 
 ### Required IAM access policies
 
@@ -62,17 +73,29 @@ information in the console at
 Manage > Access (IAM) > Access groups > Access policies.
 -->
 
-<!--
-You need the following permissions to run this module.
-
-- Account Management
-    - **Sample Account Service** service
-        - `Editor` platform access
-        - `Manager` service access
-    - IAM Services
-        - **Sample Cloud Service** service
-            - `Administrator` platform access
--->
+You need the following permissions to deploy this solution.
+
+- All Account Management services
+  - Administrator (only if you must create a new resource group)
+- Watson Machine Learning
+  - Editor platform role (to create and delete the service)
+- Watson Studio
+  - Editor platform role (to create and delete the service)
+- Cloud Object Storage
+  - Editor platform role (to create and delete the service)
+- watsonx.governance
+  - Editor platform role (only if you must provision)
+- watsonx Assistant
+  - Editor platform role (only if you must provision)
+- Watson Discovery
+  - Editor platform role (only if you must provision)
+
+The `IBM watsonx admin` needs the following permissions.
+
+- All Account Management services
+  - Administrator
+- All Identity and Access enabled services
+  - Administrator
 
 <!-- NO PERMISSIONS FOR MODULE
 If no permissions are required for the module, uncomment the following
@@ -88,23 +111,82 @@ statement instead the previous block.
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0, <1.7.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.0, <1.7.0 |
+| <a name="requirement_ibm"></a> [ibm](#requirement\_ibm) | >= 1.62.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | 3.6.0 |
+| <a name="requirement_restapi"></a> [restapi](#requirement\_restapi) | >= 1.19.1 |
 
 ### Modules
 
-No modules.
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_configure_project"></a> [configure\_project](#module\_configure\_project) | ./configure_project | n/a |
+| <a name="module_configure_user"></a> [configure\_user](#module\_configure\_user) | ./configure_user | n/a |
+| <a name="module_cos"></a> [cos](#module\_cos) | terraform-ibm-modules/cos/ibm//modules/fscloud | 7.5.3 |
+| <a name="module_resource_group"></a> [resource\_group](#module\_resource\_group) | terraform-ibm-modules/resource-group/ibm | 1.1.5 |
 
 ### Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [ibm_resource_instance.assistant_instance](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_instance) | resource |
+| [ibm_resource_instance.discovery_instance](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_instance) | resource |
+| [ibm_resource_instance.governance_instance](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_instance) | resource |
+| [ibm_resource_instance.machine_learning_instance](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_instance) | resource |
+| [ibm_resource_instance.studio_instance](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/resource_instance) | resource |
+| [random_string.unique_identifier](https://registry.terraform.io/providers/hashicorp/random/3.6.0/docs/resources/string) | resource |
+| [ibm_iam_auth_token.tokendata](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/data-sources/iam_auth_token) | data source |
 
 ### Inputs
 
-No inputs.
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_cos_plan"></a> [cos\_plan](#input\_cos\_plan) | Resource plan used to provision the Cloud Object Storage instance. | `string` | `"standard"` | no |
+| <a name="input_ibmcloud_api_key"></a> [ibmcloud\_api\_key](#input\_ibmcloud\_api\_key) | Used with the Terraform IBM-Cloud/ibm provider | `string` | n/a | yes |
+| <a name="input_location"></a> [location](#input\_location) | Used with the Terraform IBM-Cloud/ibm provider as well as resource creation. | `string` | `"us-south"` | no |
+| <a name="input_project_description"></a> [project\_description](#input\_project\_description) | Description of the watson project to create. | `string` | `"Watson Project created via watsonx-ai SaaS DA"` | no |
+| <a name="input_project_name"></a> [project\_name](#input\_project\_name) | Name of the watson project to create. | `string` | `"demo"` | no |
+| <a name="input_project_tags"></a> [project\_tags](#input\_project\_tags) | Tags to attach to the watson project to create. | `list(string)` | <pre>[<br>  "watsonx-ai-SaaS"<br>]</pre> | no |
+| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | Name of the IBM Cloud resource group in which resources should be created | `string` | `null` | no |
+| <a name="input_resource_prefix"></a> [resource\_prefix](#input\_resource\_prefix) | Name to be used on all Watson resource as prefix | `string` | `"watsonx-poc"` | no |
+| <a name="input_watson_assistant_plan"></a> [watson\_assistant\_plan](#input\_watson\_assistant\_plan) | Resource plan used to provision the watsonx Assistance instance. | `string` | `"do not install"` | no |
+| <a name="input_watson_discovery_plan"></a> [watson\_discovery\_plan](#input\_watson\_discovery\_plan) | Resource plan used to provision the Watson Discovery instance. | `string` | `"do not install"` | no |
+| <a name="input_watson_governance_plan"></a> [watson\_governance\_plan](#input\_watson\_governance\_plan) | Resource plan used to provision the watsonx Governance instance. | `string` | `"do not install"` | no |
+| <a name="input_watson_machine_learning_plan"></a> [watson\_machine\_learning\_plan](#input\_watson\_machine\_learning\_plan) | Resource plan used to provision the Watson Machine Learning instance. | `string` | `"lite"` | no |
+| <a name="input_watson_studio_plan"></a> [watson\_studio\_plan](#input\_watson\_studio\_plan) | Resource plan used to provision the Watson Studio instance. | `string` | `"free-v1"` | no |
 
 ### Outputs
 
-No outputs.
+| Name | Description |
+|------|-------------|
+| <a name="output_project_id"></a> [project\_id](#output\_project\_id) | ID of the created project |
+| <a name="output_project_url"></a> [project\_url](#output\_project\_url) | URL of the created project |
+| <a name="output_watson_governance_crn"></a> [watson\_governance\_crn](#output\_watson\_governance\_crn) | CRN of the Watson Governance instance |
+| <a name="output_watson_governance_dashboard_url"></a> [watson\_governance\_dashboard\_url](#output\_watson\_governance\_dashboard\_url) | Dashboard URL of the Watson Governance instance |
+| <a name="output_watson_governance_guid"></a> [watson\_governance\_guid](#output\_watson\_governance\_guid) | GUID of the Watson Governance instance |
+| <a name="output_watson_governance_name"></a> [watson\_governance\_name](#output\_watson\_governance\_name) | Name of the Watson Governance instance |
+| <a name="output_watson_governance_plan_id"></a> [watson\_governance\_plan\_id](#output\_watson\_governance\_plan\_id) | Plan ID of the Watson Governance instance |
+| <a name="output_watson_machine_learning_crn"></a> [watson\_machine\_learning\_crn](#output\_watson\_machine\_learning\_crn) | CRN of the Watson Machine Learning instance |
+| <a name="output_watson_machine_learning_dashboard_url"></a> [watson\_machine\_learning\_dashboard\_url](#output\_watson\_machine\_learning\_dashboard\_url) | Dashboard URL of the Watson Machine Learning instance |
+| <a name="output_watson_machine_learning_guid"></a> [watson\_machine\_learning\_guid](#output\_watson\_machine\_learning\_guid) | GUID of the Watson Machine Learning instance |
+| <a name="output_watson_machine_learning_name"></a> [watson\_machine\_learning\_name](#output\_watson\_machine\_learning\_name) | Name of the Watson Machine Learning instance |
+| <a name="output_watson_machine_learning_plan_id"></a> [watson\_machine\_learning\_plan\_id](#output\_watson\_machine\_learning\_plan\_id) | Plan ID of the Watson Machine Learning instance |
+| <a name="output_watson_platform_endpoint"></a> [watson\_platform\_endpoint](#output\_watson\_platform\_endpoint) | Endpoint of the Watson platform |
+| <a name="output_watson_studio_crn"></a> [watson\_studio\_crn](#output\_watson\_studio\_crn) | CRN of the Watson Studio instance |
+| <a name="output_watson_studio_dashboard_url"></a> [watson\_studio\_dashboard\_url](#output\_watson\_studio\_dashboard\_url) | Dashboard URL of the Watson Studio instance |
+| <a name="output_watson_studio_guid"></a> [watson\_studio\_guid](#output\_watson\_studio\_guid) | GUID of the Watson Studio instance |
+| <a name="output_watson_studio_name"></a> [watson\_studio\_name](#output\_watson\_studio\_name) | Name of the Watson Studio instance |
+| <a name="output_watson_studio_plan_id"></a> [watson\_studio\_plan\_id](#output\_watson\_studio\_plan\_id) | Plan ID of the Watson Studio instance |
+| <a name="output_watsonx_assistant_crn"></a> [watsonx\_assistant\_crn](#output\_watsonx\_assistant\_crn) | CRN of the WatsonX Assistant instance |
+| <a name="output_watsonx_assistant_dashboard_url"></a> [watsonx\_assistant\_dashboard\_url](#output\_watsonx\_assistant\_dashboard\_url) | Dashboard URL of the WatsonX Assistant instance |
+| <a name="output_watsonx_assistant_guid"></a> [watsonx\_assistant\_guid](#output\_watsonx\_assistant\_guid) | GUID of the WatsonX Assistant instance |
+| <a name="output_watsonx_assistant_name"></a> [watsonx\_assistant\_name](#output\_watsonx\_assistant\_name) | Name of the WatsonX Assistant instance |
+| <a name="output_watsonx_assistant_plan_id"></a> [watsonx\_assistant\_plan\_id](#output\_watsonx\_assistant\_plan\_id) | Plan ID of the WatsonX Assistant instance |
+| <a name="output_watsonx_discovery_crn"></a> [watsonx\_discovery\_crn](#output\_watsonx\_discovery\_crn) | CRN of the WatsonX Discovery instance |
+| <a name="output_watsonx_discovery_dashboard_url"></a> [watsonx\_discovery\_dashboard\_url](#output\_watsonx\_discovery\_dashboard\_url) | Dashboard URL of the WatsonX Discovery instance |
+| <a name="output_watsonx_discovery_guid"></a> [watsonx\_discovery\_guid](#output\_watsonx\_discovery\_guid) | GUID of the WatsonX Discovery instance |
+| <a name="output_watsonx_discovery_name"></a> [watsonx\_discovery\_name](#output\_watsonx\_discovery\_name) | Name of the WatsonX Discovery instance |
+| <a name="output_watsonx_discovery_plan_id"></a> [watsonx\_discovery\_plan\_id](#output\_watsonx\_discovery\_plan\_id) | Plan ID of the WatsonX Discovery instance |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 <!-- Leave this section as is so that your module has a link to local development environment set up steps for contributors to follow -->
 
@@ -0,0 +1,53 @@
+resource "restapi_object" "configure_project" {
+  count          = var.project_name == null ? 0 : 1
+  path           = "//api.dataplatform.cloud.ibm.com"
+  read_path      = "//api.dataplatform.cloud.ibm.com{id}"
+  read_method    = "GET"
+  create_path    = "//api.dataplatform.cloud.ibm.com/transactional/v2/projects?verify_unique_name=true"
+  create_method  = "POST"
+  id_attribute   = "location"
+  destroy_method = "DELETE"
+  destroy_path   = "//api.dataplatform.cloud.ibm.com/transactional{id}"
+  data           = <<-EOT
+                  {
+                    "name": "${var.project_name}",
+                    "generator": "watsonx-saas-da",
+                    "type": "wx",
+                    "storage": {
+                      "type": "bmcos_object_storage",
+                      "guid": "${var.cos_guid}",
+                      "resource_crn": "${var.cos_crn}"
+                    },
+                    "description": "${var.project_description}",
+                    "public": true,
+                    "tags": ${jsonencode(var.project_tags)},
+                    "compute": [
+                      {
+                        "name": "${var.machine_learning_name}",
+                        "guid": "${var.machine_learning_guid}",
+                        "type": "machine_learning",
+                        "crn": "${var.machine_learning_crn}"
+                      }
+                    ]
+                  }
+                  EOT
+  update_method  = "PATCH"
+  update_path    = "//api.dataplatform.cloud.ibm.com{id}"
+  update_data    = <<-EOT
+                  {
+                    "name": "${var.project_name}",
+                    "type": "wx",
+                    "description": "${var.project_description}",
+                    "public": true,
+                    "compute": [
+                      {
+                        "name": "${var.machine_learning_name}",
+                        "guid": "${var.machine_learning_guid}",
+                        "type": "machine_learning",
+                        "crn": "${var.machine_learning_crn}",
+                        "credentials": {}
+                      }
+                    ]
+                  }
+                  EOT
+}
@@ -0,0 +1,4 @@
+output "project_id" {
+  value       = trim(resource.restapi_object.configure_project[0].id, "/v2/projects/")
+  description = "ID of the created project"
+}